IP-VPN compared to VPN, Internet connection, Ethernet and Dark Fibre

Can you imagine the near unthinkable? That there was once life without Internet? We at any rate have almost forgotten how things used to be. Internet is always there, and accessible wherever you are. It has become something you take for granted, both in your private life and in business.

The amount of data we send (and store) every day is huge, especially in business. This data is increasingly stored externally to prevent overruns in their own IT facilities. Consequently data is now spread across various locations (data centres, the public cloud) and different systems.

The data must therefore be available at any time and any place. Organisations often have several offices and sites. Moreover, a situation where all the employees in an organisation work at one of the company’s sites is no longer so self-evident these days. They are often allowed to work from home or need to work when travelling. So data needs to be available in these situations as well.

Wide Area Network (WAN)

A WAN, i.e. a Wide Area Network, is the best way of achieving this. A WAN makes it possible to build a fast network that links different locations such as workplaces, office buildings and data storage locations.

And when you consider a WAN, you will almost certainly also consider IP-VPN, which is a way of linking different locations together in a closed Virtual Private Network.

However, there are many more methods to create a WAN. A few examples of WAN infrastructure methods:

  • IP-VPN
  • Internet connection
  • Internet VPN
  • Ethernet
  • Dark Fibre

The last one is a solution that has much to recommend it, especially in the case of large organisations that work with sensitive data. These organisations attach great importance to handling data with due care and diligence. Because where you have the Internet, you also have cybercriminals. And you need to be able to send data in a secure manner to prevent thieves making off with this very sensitive information.

This blog compares the different methods with IP-VPN and gives you a clear idea of the best approach for your organisation.


IP-VPN involves creating a virtual private network based on existing networks, which can then be used to link different locations. In effect, you ‘build’ a kind of tunnel between two endpoints. This arrangement uses a private IP network, which is managed by a single provider.

Even though several customers use this physical network (via MPLS), you still have access to a ‘private network’ because the traffic flows are strictly separated using IP subnets.

One possible disadvantage of IP-VPN is that a Quality of Service has to be configured in many cases, particularly when the quality of the different connections is not the same.

An IP-VPN requires a synchronous connection: the upload and download speeds must be the same. This is to prevent malfunctions and/or delays from slowing down work processes within an organisation. In addition, you always have to involve the provider, for example when you want to add new IP subnets to a network.

Internet connection vs. IP-VPN

Using a public internet connection is much simpler than IP-VPN. Your locations are connected to each other and/or connected to a data centre or cloud environment via the operator’s infrastructure. This infrastructure is available with an agreed bandwidth (1 Mb/s to > 1 Gb/s) and is shared with other customers.

The favourable price is the main advantage of this method. The higher latency – because public Internet is used – and the higher security risks are possible disadvantages that can never be completely overcome.

An internet connection is much less secure than IP-VPN.

Internet VPN vs. IP-VPN

An Internet VPN – a Virtual Private Network – is similar to IP-VPN. Here again, you create a virtual network, i.e. a tunnel ‘built’ between two endpoints.

The data sent through this tunnel is encrypted and therefore cannot be read by third parties.

The advantage of Internet VPN is lower cost compared to IP-VPN.

One possible disadvantage though is the use of a public gateway, meaning that DDoS attacks and possibly other forms of attack cannot be ruled out. Furthermore, you can’t guarantee that the shortest route from location A to location B will be used, so increased latency can occur here as well and access to the Internet cannot be guaranteed.

Ethernet vs. IP-VPN

Ethernet allows you to create your own managed environment. All relevant locations – and any data centres – can be included in the WAN via an Ethernet service.

The WAN is effectively an extension of the LAN, so all the services are centralised and more easily managed in comparison to managing an IP-VPN. Moreover, Ethernet is slightly safer than IP-VPN, because the environment is protected.

The disadvantage of Ethernet is the fact that services and connections have to be purchased from a single supplier, which leads to higher costs. In addition, switching to a cheaper provider is no easy matter and you may find yourself constrained by limited scalability.

Dark Fibre vs. IP-VPN

Dark Fibre, or unlit glass fibre, is the last option we are going to discuss in this blog. Dark Fibre is a fibre-optic cable to which no activating equipment has been connected as yet.

You have to buy the light-generation equipment yourself and can choose any supplier you want. If you use a Dark Fibre network to connect different locations, everything is 100% under your control. This automatically makes a Dark Fibre network safer than IP-VPN.

Moreover, Dark Fibre offers optimal scalability, unlimited bandwidth and outstanding stability and safety. The latter is particularly important for organisations that work with highly sensitive data.

One disadvantage of Dark Fibre is the relatively high cost. Investments need to be made in a private network, in equipment and, in some cases, in bringing fibre-optic cables into your office buildings.

Which method is best for you?

As you have read above, networks, office buildings and data centres can be connected to each other in many ways. But what is the most appropriate solution for you? The answer to this question partly depends on the size of your organisation and the amount of (sensitive) data you send.

If you are a small business and hardly ever work with sensitive data, an Internet connection or Internet VPN is sufficient. If you prefer not to invest your own capital but would definitely benefit from your own managed environment, you can opt for IP-VPN or Ethernet. However, since both use public connections, there is always a small chance that intruders will ‘break in’. Following the introduction of the General Data Protection Regulation (GDPR), data security is increasingly a hot topic. Organisations must be able to demonstrate that they are in control and that they handle data with care. This not only applies to the data itself, the way it is transported is also in scope.

Dark Fibre is the safest option in this case. Because you control the light-generation equipment for the Dark Fibre infrastructure, you also have full control over the security of your connection. In addition, encryption can be implemented at the fibre-optic level, which minimises the security risks.

A Dark Fibre solution is optimally scalable and gives you unlimited bandwidth. Even though your initial investment in your network is relatively high, you are assured of a future-ready solution going forward!

Relined Fiber Network

Relined Fiber Network is a supplier of Dark Fibre. If you want to know exactly what Dark Fibre involves and whether it is suitable for your organisation, please read our Dark Fibre blog on the website.